<?php
	
	class ForumClass {
		private $db;
		private $xss;
		private $sesid;
		private $usrId;
		private $topicId;
		private $messageId;
		private $title;
		private $content;
		
		function ForumClass() {
			$this->db = DBhandler::getInst();
			$this->xss = new XSSClass();
		}
		
		public function getTopics($sesid) {
			$db = $this->db;
			$xss = $this->xss;
			
			$this->sesid = $xss->removeXSS($db->rmInject($sesid));
			if (!$this->isLogged()) {
				return array("result" => false, "message" => "You can't do this. You're not logged in. Pleas log in.");
			}
			$usrId = $this->getUsrId();
			
			$sql = "
				select
					id as topicId,
					title,
					(select u.user_name from users as u where u.id = t.users_id) as author,
					(select count(sub.id) from subscriber as sub where sub.topics_id = t.id and sub.users_id = '$usrId') as isSubscribed
				from
					topics as t
			";
			
			$res = $db->query($sql);
			$topics = $db->get();
			
			$topicsOut = array();
			
			foreach ($topics as $topic) {
				$topicsOut[] = array("topicId" => $topic['topicId'], "title" => $topic['title'], "author" => $topic['author'], "isSubscribed" => $topic['isSubscribed']);
			}
			
			return array("result" => true, "message" => "Selected topics.", "system" => $topicsOut);
		}
		
		public function newTopic($sesid, $title) {
			$db = $this->db;
			$xss = $this->xss;
			
			$this->sesid = $xss->removeXSS($db->rmInject($sesid));
			if (!$this->isLogged()) {
				return array("result" => false, "message" => "You can't do this. You're not logged in. Pleas log in.");
			}
			$this->title = $xss->removeXSS($db->rmInject($title));
			$usrId = $this->getUsrId();
			$id = $db->cui();
			
			$sql = "
				insert into
					topics
					(id, users_id, title)
				values
					('$id', '$usrId', '".$this->title."')
			";
			
			$res = $db->query($sql);
			
			if (mysql_affected_rows()) {
				$this->subscribe($this->sesid, $id);
				return array("result" => true, "message" => "New topic created.");
			}
			else {
				return array("result" => false, "message" => $db->error());
			}
		}
		
		public function subscribe($sesid, $topicId) {
			$db = $this->db;
			$xss = $this->xss;
			
			$this->sesid = $xss->removeXSS($db->rmInject($sesid));
			if (!$this->isLogged()) {
				return array("result" => false, "message" => "You can't do this. You're not logged in. Pleas log in.");
			}
			$this->topicId = $xss->removeXSS($db->rmInject($topicId));
			$id = $db->cui();
			$usrId = $this->getUsrId();
			
			$sql = "
				insert into
					subscriber
					(id, topics_id, users_id)
				select
					'$id',
					'".$this->topicId."',
					'$usrId'
				from
					dual
				where
					(select count(s.id) from subscriber as s where s.topics_id = '".$this->topicId."' and s.users_id = '$usrId') = 0
			";
			
			$res = $db->query($sql);
			
			if (mysql_affected_rows()) {
				return array("result" => true, "message" => "User subscribed to topic.");
			}
			else {
				return array("result" => false, "message" => $db->error());
			}
		}
		
		public function unsubscribe($sesid, $topicId) {
			$db = $this->db;
			$xss = $this->xss;
			
			$this->sesid = $xss->removeXSS($db->rmInject($sesid));
			if (!$this->isLogged()) {
				return array("result" => false, "message" => "You can't do this. You're not logged in. Pleas log in.");
			}
			$this->topicId = $xss->removeXSS($db->rmInject($topicId));
			$id = $db->cui();
			$usrId = $this->getUsrId();
			
			$sql = "
				delete from
					subscriber
				where
					topics_id = '".$this->topicId."' 
					and
					users_id = '$usrId'
					and
					(select count(t.id) from topics as t where t.id = '".$this->topicId."' and t.users_id = '$usrId') = 0
			";
			
			$res = $db->query($sql);
			
			if (mysql_affected_rows()) {
				return array("result" => true, "message" => "User unsubscribed from topic.");
			}
			else {
				return array("result" => false, "message" => $db->error());
			}
		}
		
		public function postMessage($sesid, $title, $content, $topicId) {
			$db = $this->db;
			$xss = $this->xss;
			
			$this->sesid = $xss->removeXSS($db->rmInject($sesid));
			if (!$this->isLogged()) {
				return array("result" => false, "message" => "You can't do this. You're not logged in. Pleas log in.");
			}
			$this->topicId = $xss->removeXSS($db->rmInject($topicId));
			$this->content = $xss->removeXSS($db->rmInject($content));
			$this->title = $xss->removeXSS($db->rmInject($title));
			$id = $db->cui();
			$usrId = $this->getUsrId();
			
			$sql = "
				insert into
					message
					(id, topics_id, users_id, message, title)
				values
					('$id', '".$this->topicId."', '$usrId', '".$this->content."', '".$this->title."')
			";
			
			$res = $db->query($sql);
			
			if (mysql_affected_rows()) {
				return array("result" => true, "message" => "New message to topic created.");
			}
			else {
				return array("result" => false, "message" => $db->error());
			}
		}
		
		public function readByUser($sesid, $messageId) {
			$db = $this->db;
			$xss = $this->xss;
			
			$this->sesid = $xss->removeXSS($db->rmInject($sesid));
			if (!$this->isLogged()) {
				return array("result" => false, "message" => "You can't do this. You're not logged in. Pleas log in.");
			}
			$this->messageId = $xss->removeXSS($db->rmInject($messageId));
			$id = $db->cui();
			$usrId = $this->getUsrId();
			
			$sql = "
				insert into
					read_by_user
					(id, message_id, users_id)
				select
					'$id',
					'".$this->messageId."',
					'$usrId'
				from
					dual
				where
					(select count(rbu.id) from read_by_user as rbu where rbu.message_id = '".$this->messageId."' and rbu.users_id = '$usrId') = 0
			";
			
			$res = $db->query($sql);
			
			if (mysql_affected_rows()) {
				return array("result" => true, "message" => "User read the message!");
			}
			else {
				return array("result" => false, "message" => $db->error());
			}
		}
		
		public function getTopicMessages($sesid, $topicId) {
			$db = $this->db;
			$xss = $this->xss;
			
			$this->sesid = $xss->removeXSS($db->rmInject($sesid));
			if (!$this->isLogged()) {
				return array("result" => false, "message" => "You can't do this. You're not logged in. Pleas log in.");
			}
			$this->topicId = $xss->removeXSS($db->rmInject($topicId));
			$usrId = $this->getUsrId();
			
			$sql = "
				select
					id as messageId,
					title,
					message as content,
					(select u.user_name from users as u where u.id = m.users_id) as author,
					(select count(rbu.id) from read_by_user as rbu where rbu.message_id = m.id and rbu.users_id = '$usrId') as isRead
				from
					message as m
			";
			
			$res = $db->query($sql);
			
			$messages = $db->get();
			$messagesOut = array();
			
			foreach($messages as $message) {
				$messagesOut[] = array("messageId" => $message['messageId'], "title" => $message['title'], "content" => $message['content'], "author" => $message['author'], "isRead" => $message['isRead']);
			}
			
			return array("result" => true, "message" => "All messages to topic.", "system" => $messagesOut);
		}
		
		private function getUsrId() {
			session_id($this->sesid);
			session_start();
			
			if (isset($_SESSION['usrId'])) {
				return $_SESSION['usrId'];
			}
		}
		
		private function isLogged() {
			$db = $this->db;
			$xss = $this->xss;
			
			session_id($this->sesid);
			session_start();
			if (isset($_SESSION['sesid'])) {
				if ($_SESSION['sesid'] == $this->sesid) {
					return true;
				}
				else {
					return false;
				}
			}
			else {
				return false;
			}
		}
	}
?>